| Jon Perritt | db9a9b3 | 2015-03-09 12:08:50 -0600 | [diff] [blame^] | 1 | // +build acceptance networking security |
| 2 | |
| 3 | package v2 |
| 4 | |
| 5 | import ( |
| 6 | "testing" |
| 7 | |
| 8 | osGroups "github.com/rackspace/gophercloud/openstack/networking/v2/extensions/security/groups" |
| 9 | osRules "github.com/rackspace/gophercloud/openstack/networking/v2/extensions/security/rules" |
| 10 | osNetworks "github.com/rackspace/gophercloud/openstack/networking/v2/networks" |
| 11 | osPorts "github.com/rackspace/gophercloud/openstack/networking/v2/ports" |
| 12 | "github.com/rackspace/gophercloud/pagination" |
| 13 | rsNetworks "github.com/rackspace/gophercloud/rackspace/networking/v2/networks" |
| 14 | rsPorts "github.com/rackspace/gophercloud/rackspace/networking/v2/ports" |
| 15 | rsGroups "github.com/rackspace/gophercloud/rackspace/networking/v2/security/groups" |
| 16 | rsRules "github.com/rackspace/gophercloud/rackspace/networking/v2/security/rules" |
| 17 | th "github.com/rackspace/gophercloud/testhelper" |
| 18 | ) |
| 19 | |
| 20 | func TestSecurityGroups(t *testing.T) { |
| 21 | Setup(t) |
| 22 | defer Teardown() |
| 23 | |
| 24 | // create security group |
| 25 | groupID := createSecGroup(t) |
| 26 | |
| 27 | // delete security group |
| 28 | defer deleteSecGroup(t, groupID) |
| 29 | |
| 30 | // list security group |
| 31 | listSecGroups(t) |
| 32 | |
| 33 | // get security group |
| 34 | getSecGroup(t, groupID) |
| 35 | |
| 36 | // create port with security group |
| 37 | //networkID, portID := createSecGroupPort(t, groupID) |
| 38 | |
| 39 | // teardown |
| 40 | //defer rsNetworks.Delete(Client, networkID) |
| 41 | |
| 42 | // delete port |
| 43 | //defer rsPorts.Delete(Client, portID) |
| 44 | } |
| 45 | |
| 46 | func TestSecurityGroupRules(t *testing.T) { |
| 47 | Setup(t) |
| 48 | defer Teardown() |
| 49 | |
| 50 | // create security group |
| 51 | groupID := createSecGroup(t) |
| 52 | |
| 53 | defer deleteSecGroup(t, groupID) |
| 54 | |
| 55 | // create security group rule |
| 56 | ruleID := createSecRule(t, groupID) |
| 57 | |
| 58 | // delete security group rule |
| 59 | defer deleteSecRule(t, ruleID) |
| 60 | |
| 61 | // list security group rule |
| 62 | listSecRules(t) |
| 63 | |
| 64 | // get security group rule |
| 65 | getSecRule(t, ruleID) |
| 66 | } |
| 67 | |
| 68 | func createSecGroup(t *testing.T) string { |
| 69 | sg, err := rsGroups.Create(Client, osGroups.CreateOpts{ |
| 70 | Name: "new-webservers", |
| 71 | Description: "security group for webservers", |
| 72 | }).Extract() |
| 73 | |
| 74 | th.AssertNoErr(t, err) |
| 75 | |
| 76 | t.Logf("Created security group %s", sg.ID) |
| 77 | |
| 78 | return sg.ID |
| 79 | } |
| 80 | |
| 81 | func listSecGroups(t *testing.T) { |
| 82 | err := rsGroups.List(Client, osGroups.ListOpts{}).EachPage(func(page pagination.Page) (bool, error) { |
| 83 | list, err := osGroups.ExtractGroups(page) |
| 84 | if err != nil { |
| 85 | t.Errorf("Failed to extract secgroups: %v", err) |
| 86 | return false, err |
| 87 | } |
| 88 | |
| 89 | for _, sg := range list { |
| 90 | t.Logf("Listing security group: ID [%s] Name [%s]", sg.ID, sg.Name) |
| 91 | } |
| 92 | |
| 93 | return true, nil |
| 94 | }) |
| 95 | |
| 96 | th.AssertNoErr(t, err) |
| 97 | } |
| 98 | |
| 99 | func getSecGroup(t *testing.T, id string) { |
| 100 | sg, err := rsGroups.Get(Client, id).Extract() |
| 101 | th.AssertNoErr(t, err) |
| 102 | t.Logf("Getting security group: ID [%s] Name [%s] Description [%s]", sg.ID, sg.Name, sg.Description) |
| 103 | } |
| 104 | |
| 105 | func createSecGroupPort(t *testing.T, groupID string) (string, string) { |
| 106 | n, err := rsNetworks.Create(Client, osNetworks.CreateOpts{Name: "tmp_network"}).Extract() |
| 107 | th.AssertNoErr(t, err) |
| 108 | t.Logf("Created network %s", n.ID) |
| 109 | |
| 110 | opts := osPorts.CreateOpts{ |
| 111 | NetworkID: n.ID, |
| 112 | Name: "my_port", |
| 113 | SecurityGroups: []string{groupID}, |
| 114 | } |
| 115 | p, err := rsPorts.Create(Client, opts).Extract() |
| 116 | th.AssertNoErr(t, err) |
| 117 | t.Logf("Created port %s with security group %s", p.ID, groupID) |
| 118 | |
| 119 | return n.ID, p.ID |
| 120 | } |
| 121 | |
| 122 | func deleteSecGroup(t *testing.T, groupID string) { |
| 123 | res := rsGroups.Delete(Client, groupID) |
| 124 | th.AssertNoErr(t, res.Err) |
| 125 | t.Logf("Deleted security group %s", groupID) |
| 126 | } |
| 127 | |
| 128 | func createSecRule(t *testing.T, groupID string) string { |
| 129 | r, err := rsRules.Create(Client, osRules.CreateOpts{ |
| 130 | Direction: "ingress", |
| 131 | PortRangeMin: 80, |
| 132 | EtherType: "IPv4", |
| 133 | PortRangeMax: 80, |
| 134 | Protocol: "tcp", |
| 135 | SecGroupID: groupID, |
| 136 | }).Extract() |
| 137 | |
| 138 | th.AssertNoErr(t, err) |
| 139 | |
| 140 | t.Logf("Created security group rule %s", r.ID) |
| 141 | |
| 142 | return r.ID |
| 143 | } |
| 144 | |
| 145 | func listSecRules(t *testing.T) { |
| 146 | err := rsRules.List(Client, osRules.ListOpts{}).EachPage(func(page pagination.Page) (bool, error) { |
| 147 | list, err := osRules.ExtractRules(page) |
| 148 | if err != nil { |
| 149 | t.Errorf("Failed to extract sec rules: %v", err) |
| 150 | return false, err |
| 151 | } |
| 152 | |
| 153 | for _, r := range list { |
| 154 | t.Logf("Listing security rule: ID [%s]", r.ID) |
| 155 | } |
| 156 | |
| 157 | return true, nil |
| 158 | }) |
| 159 | |
| 160 | th.AssertNoErr(t, err) |
| 161 | } |
| 162 | |
| 163 | func getSecRule(t *testing.T, id string) { |
| 164 | r, err := rsRules.Get(Client, id).Extract() |
| 165 | th.AssertNoErr(t, err) |
| 166 | t.Logf("Getting security rule: ID [%s] Direction [%s] EtherType [%s] Protocol [%s]", |
| 167 | r.ID, r.Direction, r.EtherType, r.Protocol) |
| 168 | } |
| 169 | |
| 170 | func deleteSecRule(t *testing.T, id string) { |
| 171 | res := rsRules.Delete(Client, id) |
| 172 | th.AssertNoErr(t, res.Err) |
| 173 | t.Logf("Deleted security rule %s", id) |
| 174 | } |